## **REMARKS**

Claims 1-24 are pending in the present application. Reconsideration of the Examiner's rejections of claims 1-24 is respectfully requested in view of the reasons set forth herein.

In the Office Action, claims 1-3, 7-11, 15-19 and 23-24 were rejected under 35 U.S.C. § 102(b) as allegedly being anticipated by *Draves* (U.S. Patent No. 5,802,590). The Examiner's rejections are respectfully traversed.

Independent claims 1, 9, and 17 set forth, among other things, requesting to execute at least one of the plurality of instructions or set of instructions by the software code running on the processor. Claims 1, 9, and 17 also set forth executing the requested instruction or set of instructions providing that the second security ID matches the first security ID. In an exemplary embodiment of the instant invention, the Applicants' Specification describes that for restricting the execution of security sensitive instructions by the software code running on the processor 305, the processor 305 determines whether the security ID associated with the code running thereon matches the security ID associated with the particular instruction that the software code is attempting to execute. If there is a mismatch between the security ID associated with the code running on the processor and the security ID associated with the particular instruction, the processor 305 denies execution of the security sensitive instruction by the software code running thereon at block 545. If there is a match between the security ID associated with the code running on the processor 305 and the security ID associated with the security sensitive instruction, the processor 305 executes the security sensitive instruction at block 550. See Applicants' Specification on page 14, lines 2-11.

**Draves** describes techniques for granting only authorized processes a secure access to a shared computer system resource. As noted by the Examiner, on page 4 of the Office Action

dated April 19, 2006, *Draves* on column 3, lines 39-41, discloses the main feature of the invention a method and system for providing secure access to resources. The system described by *Draves* ensures that a computer program is authorized to access a computer system resource. While each concurrently executing computer program is referred to as a process, various resources include the central processing unit, main memory, and peripheral devices (e.g., disk drives and printers). See *Draves*, column 1, lines 14-19. Since processes frequently need to share resources, to help manage the various resources, a kernel maintains a resource table for each process. See *Draves*, column 1, lines 23 and lines 42-43.

However, none of the <u>various resources</u> described by *Draves* are either the plurality of instructions or set of <u>instructions</u> or the <u>software code</u>. In particular, none of the <u>various resources</u> described by *Draves* include at least one of <u>the plurality of instructions</u> or <u>set of instructions</u> that have been <u>requested to execute by the software code</u>, as set forth in independent claims 1, 9, and 17. That is, in *Draves*, for example, when a process wishes to access the allocated resource, it simply passes the handle/key pair associated with a shared computer system resource to the kernel. The kernel examines the resource entry indexed by the passed handle to determine whether the passed key is equal to the key in the indexed resource entry. In this way, through the use of handle/key pairs, *Draves* provides a system which ensures that only authorized processes are able to access resources. The kernel allows a process access to a resource only when the passed key matches the key for the resource that is stored in the resource entry. See *Draves*, column 3, lines 63-67.

Instead of <u>requesting to execute</u> at least one <u>instruction by the software code</u> running on the processor and <u>executing the requested instruction</u>, in *Draves*, the server process 302 sends <u>a</u> resource allocation request to the kernel 304 for <u>sharing the resource</u> with the client process 314.

The handle/key pairs for the shared resource are passed by the server process 302.

The Examiner, unfortunately, disregards an express teaching of *Draves* and removes any distinction between "process" and "resource" terms to make an anticipation rejection. In particular, the Examiner argues that the "process" in *Draves* is a "resource." But equating a "process" to a "resource" is inconsistent with *Draves*, which does not use these terms interchangeably. To the contrary, as noted above, *Draves* describes that a process wishes to access the allocated resource. The Examiner, however, obfuscates this distinction and collapses the two terms into one. The Examiner effectively ignores the teachings of *Draves* and the Applicants' specification. This is clearly improper because it is in direct contravention to the Federal Circuit precedent expressed in Phillips v. AWH, Corp., 415 F.3d 1303 (Fed. Cir. 2005) (*en banc*).

For at least the aforementioned reasons, Applicants respectfully submit that the present invention is not anticipated by *Draves* and request that the Examiner's rejections of claims 1-3, 7-11, 15-19 and 23-24 under 35 U.S.C. 102(b) be withdrawn.

Claims 4-6, 12-14 and 20-22 stand rejected under 35 U.S.C. § 103(a) as allegedly being unpatentable over *Draves* in view of *Krueger* et al. (U.S. Patent No. 4,962,533). Reconsideration of the present application in view of the reasons set forth herein is respectfully requested.

Applicants submit that claims 4-6, 12-14 and 20-22 are not rendered obvious over *Draves* in view of *Krueger*. To establish a *prima facie* case of obviousness, the prior art reference (or references when combined) must teach or suggest all the claim limitations. *In re Royka*, 490 F.2d 981, 180 U.S.P.Q. 580 (CCPA 1974). The Examiner recognizes that *Draves* fails to teach or suggest classifying at least one instruction or set of instructions from a plurality of instructions

that are to be executed by a processor <u>as being security sensitive</u>. The Examiner relies upon *Krueger* to describe these claim limitations. However, *Krueger* does not remedy the fundamental deficiencies of *Draves* discussed above.

The cited references also fail to provide any suggestion or motivation for modifying the prior art to arrive at Applicants' claimed invention. To the contrary, Krueger teaches away from classifying instructions as being security sensitive. For example, in column 2, lines 47-48 and lines 53-56, Krueger does not check classification of an instruction accessing a word in the memory. Instead, Krueger is directed to controlling user access to data within a computer system. The computer system classifies data (not an instruction or instructions(s)) only at the level which is needed to provide a security technique for a computer system in which all data retains its classification, and in which no data is overclassified. In a computer system every word in the memory has a corresponding label. This label indicates the security classification, and compartments if any, of that word of data. Each time a word is accessed by any instruction, its <u>classification</u> is checked to see if access is allowed. Any attempt to improperly access any word within the computer system's memory generates a security violation and prohibits further execution of the currently running process. See *Krueger*, column 2, lines 1. 33-56. It is by now well established that teaching away by the prior art constitutes prima facie evidence that the claimed invention is not obvious. See, inter alia, In re Fine, 5 U.S.P.Q.2d (BNA) 1596, 1599 (Fed. Cir. 1988); In re Nielson, 2 U.S.P.Q.2d (BNA) 1525, 1528 (Fed. Cir. 1987); In re Hedges, 228 U.S.P.Q. (BNA) 685, 687 (Fed. Cir. 1986).

For at least the aforementioned reasons, Applicants respectfully submit that the present invention is not obvious over the cited references, either alone or in combination. Applicants

request that the Examiner's rejections of claims 4-6, 12-14 and 20-22 under 35 U.S.C. 103(a) be withdrawn.

In the Office Action, claims 1-3, 7-11, 15-19 and 23-24 were rejected under 35 U.S.C. § 102(b) as allegedly being anticipated by *Kamiya* (U.S. Patent No. 4,949,238). The Examiner's rejections are respectfully traversed.

Kamiya describes an apparatus for detecting memory protection violations in microprogram controlled data processors. To detect a memory protection violation in a data processor for executing microinstructions under control of microprograms, the apparatus comprises privilege level register means for storing a privilege level of a program now being executed. In particular, the data processor comprises a memory protection violation detector 15 and a current privilege level register (CPL) 17 to store the privilege level of a program now being executed are connected. See *Kamiya*, column 3, 1ines 1. 25-27. The memory protection violation detector 15 checks whether the memory protection information stored in the attribute information register 16 is correct or false, on the basis of the memory protection branch microinstruction stored in the mask register 122 of the microinstruction register 12 and the privilege level value stored in the current privilege level register 17, in order to detect a memory protection violation. See *Kamiya*, column 3, lines 1. 35-42. However, *Kamiya* is completely silent with regard to requesting to execute at least one instruction by the software code running on the processor and executing the requested instruction. Accordingly, Kamiya fails to teach or suggest a first security identification (ID) being associated with each of the requested instruction(s) to be executed by a software code with which a second security ID is being associated for restricting the execution of the requested instruction(s) by the software code. Kamiya also fails to teach or suggest obtaining the second security ID associated with the

software code that is requested to execute at least one instruction with which the first security ID is being associated, as set forth in claim 1.

For at least the aforementioned reasons, Applicants respectfully submit that the present invention is not anticipated by *Kamiya* and request that the Examiner's rejections of claims 1-3, 7-11, 15-19 and 23-24 under 35 U.S.C. 102(b) be withdrawn.

Claims 4-6, 12-14 and 20-22 were rejected under 35 U.S.C. § 103(a) as allegedly being unpatentable over *Kamiya* in view of *Krueger*. The Examiner's rejections are respectfully traversed.

It is respectfully submitted that the pending claims are not obvious in view of the prior art of record. To establish a *prima facie* case of obviousness, three basic criteria must be met. First, the prior art reference (or references when combined) must teach or suggest all the claim limitations. *In re Royka*, 490 F.2d 981, 180 U.S.P.Q. 580 (CCPA 1974). Second, there must be some suggestion or motivation, either in the references themselves or in the knowledge generally available to one of ordinary skill in the art, to modify the reference or to combine reference teachings. That is, there must be something in the prior art as a whole to suggest the desirability, and thus the obviousness, of making the combination. *Panduit Corp. v. Dennison Mfg. Co.*, 810 F.2d 1561 (Fed. Cir. 1986). In fact, the absence of a suggestion to combine is dispositive in an obviousness determination. *Gambro Lundia AB v. Baxter Healthcare Corp.*, 110 F.3d 1573 (Fed. Cir. 1997). The mere fact that the prior art can be combined or modified does not make the resultant combination obvious unless the prior art also suggests the desirability of the combination. *In re Mills*, 916 F.2d 680, 16 U.S.P.Q.2d 1430 (Fed. Cir. 1990); M.P.E.P. § 2143.01. Third, there must be a reasonable expectation of success.

The teaching or suggestion to make the claimed combination and the reasonable expectation of success must both be found in the prior art, and not based on applicant's disclosure. *In re Vaeck*, 947 F.2d 488, 20 U.S.P.Q.2d 1438 (Fed. Cir. 1991); M.P.E.P. § 2142. A recent Federal Circuit case emphasizes that, in an obviousness situation, the prior art must disclose each and every element of the claimed invention, and that any motivation to combine or modify the prior art must be based upon a suggestion in the prior art. *In re Lee*, 61 U.S.P.Q.2d 143 (Fed. Cir. 2002). Conclusory statements regarding common knowledge and common sense are insufficient to support a finding of obviousness. *Id.* at 1434-35. Moreover, it is the claimed invention, as a whole, that must be considered for purposes of determining obviousness. A mere selection of various bits and pieces of the claimed invention from various sources of prior art does not render a claimed invention obvious, unless there is a suggestion or motivation in the prior art for the claimed invention, when considered as a whole.

As discussed above, *Kamiya* fails to teach or suggest a first security identification (ID) being associated with each of the requested instruction(s) to be executed by a software code with which a second security ID is being associated for restricting the execution of the requested instruction(s) by the software code. *Kamiya* also fails to teach or suggest obtaining the second security ID associated with the software code that is requested to execute at least one instruction with which the first security ID is being associated.

The Examiner relies on *Krueger* to further describe the first security ID. The Examiner relies upon *Krueger* to describe associating a first security ID comprises classifying at least one instruction or set of instructions from a plurality of instructions that are to be executed by a processor as being security sensitive. However, *Krueger* is completely silent with regard to classification of an instruction accessing a word in the memory. Instead, to control user access to

data within a computer system, the Krueger computer system classifies data at the level which is

needed to provide a security technique. Consequently, Krueger does not describe or suggest

classifying at least one instruction or set of instructions from a plurality of instructions that are to

be executed by a processor as being security sensitive.

For at least the aforementioned reasons, Applicants respectfully submit that the Examiner

has failed to make a prima facie case that the present invention is obvious over the cited

references. Applicants request that the Examiner's rejections of claims 4-6, 12-14 and 20-22

under 35 U.S.C. 103(a) be withdrawn.

For the aforementioned reasons, it is respectfully submitted that all claims pending in the

present application are in condition for allowance. The Examiner is invited to contact the

undersigned at (713) 934-4089 with any questions, comments or suggestions relating to the

referenced patent application.

Respectfully submitted,

Date: 6/13/06

/Sanjeev K. Singh, Ph.D./

Sanjeev K. Singh, Ph.D.

Rec. No. L0220

Williams Morgan & Amerson, P.C.

10333 Richmond Avenue, Suite 1100

Houston, TX 77042

(713) 934-7000

(713) 934-7011 (Fax)

AGENT FOR APPLICANTS

14

## BEFORE THE OFFICE OF ENROLLMENT AND DISCIPLINE UNITED STATES PATENT AND TRADEMARK OFFICE

## LIMITED RECOGNITION UNDER 37 CFR § 11.9(b)

Dr. Sanjeev Kumar Singh is hereby given limited recognition under 37 CFR §11.9(b) as an employee of Williams, Morgan & Amerson, P.C., to prepare and prosecute patent applications for clients of Williams, Morgan & Amerson, P.C., is the attorney of record. This limited recognition shall expire on the date appearing below, or when whichever of the following events first occurs prior to the date appearing below: (i) Dr. Sanjeev Kumar Singh ceases to lawfully reside in the United States, (ii) Dr. Sanjeev Kumar Singh's employment with Williams, Morgan & Amerson, P.C. ceases or is terminated, or (iii) Dr. Sanjeev Kumar Singh ceases to remain or reside in the United States on an H-18 visa.

This document constitutes proof of such recognition. The original of this document is on file in the Office of Enrollment and Discipline of the U.S. Patent and Trademark Office.

Limited Recognition No. L0220

Expires: April 14, 2007

Harry I. Mostz

Director of Enrollment and Discipline